SNCF — Securing Networks with Firepower — Question 225

An engineer must deploy a Cisco FTD appliance via Cisco FMC to span a network segment to detect malware and threats. When setting the Cisco FTD interface mode, which sequence of actions meets this requirement?

Answer options

• A. Set to passive, and configure an access control policy with an intrusion policy and a file policy defined.
• B. Set to passive, and configure an access control policy with a prefilter policy defined.
• C. Set to none, and configure an access control policy with an intrusion policy and a file policy defined.
• D. Set to none, and configure an access control policy with a prefilter policy defined.

Correct answer: C

Explanation

The correct answer is C, as setting the mode to 'none' allows the Cisco FTD to function without interference, while configuring an access control policy with both an intrusion policy and a file policy ensures comprehensive threat detection. Options A and B do not meet the requirement since they involve setting the mode to 'passive', which is not suitable for active malware detection in this scenario. Option D also fails because it lacks the necessary intrusion and file policies.